The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. Wardle pointed out that since Turtle was uploaded to VirusTotal, it was labeled as malicious by 24 anti-malware solutions, suggesting it is not a sophisticated threat. However, the malicious code was generally detected as “Other:Malware-gen”, “Trojan.Generic”, or…

The FBI may have successfully disrupted the destructive Hive ransomware operation earlier this year, but the group’s malware code continues to present a threat to organizations everywhere. In October, a security researcher’s analysis of a ransomware used by a new group called Hunters International showed substantial code overlaps with Hive ransomware. A subsequent analysis by Bitdefender…

The infamous North Korean advanced persistent threat (APT) group Lazarus has developed a form of macOS malware called “KandyKorn,” which it is using to target blockchain engineers connected to cryptocurrency exchanges. According to a report from Elastic Security Labs, KandyKorn has a full-featured set of capabilities to detect, access, and steal any data from the…

Ransomware attacks can be devastating for organizations, causing significant damage to operations and reputations. Therefore, it’s crucial to prepare for such an eventuality with a comprehensive ransomware response plan. However, it’s also essential to understand that ransomware readiness assessments aren’t a one-size-fits-all solution. Let’s explore why a tailored approach to ransomware readiness assessments is necessary…

Compromised Facebook business accounts are being used to run bogus ads that employ “revealing photos of young women” as lures to trick victims into downloading an updated version of a malware called NodeStealer. “Clicking on ads immediately downloads an archive containing a malicious .exe ‘Photo Album’ file which also drops a second executable written in…

A threat actor is using compromised Skype and Microsoft Teams accounts to distribute DarkGate, a troublesome loader associated with multiple malicious activities, including information theft, keylogging, cryptocurrency miners, and ransomware such as Black Basta. Forty-one percent of the targets of the campaign — which appears to have begun in August — are organizations in the…

In September, the hospitality and entertainment company MGM Resorts was hit by a ransomware attack that shut down its systems at MGM Hotels and Casinos. The incident affected hotel reservation systems in the United States and other IT systems that run the casino floors. The company has now revealed that the costs from the ransomware attack…

WatchGuard® Technologies, a global leader in unified cybersecurity, today announced the findings of its latest Internet Security Report, detailing the top malware trends and network and endpoint security threats analyzed by WatchGuard Threat Lab researchers. Key findings from the research include 95% of malware now arriving over encrypted connections, a decrease in endpoint malware volumes…